Skip to content

Latest commit

 

History

History
45 lines (38 loc) · 3.45 KB

air-custom-reporting.md

File metadata and controls

45 lines (38 loc) · 3.45 KB
Raw
title f1.keywords author ms.author manager audience ms.topic ms.localizationpriority search.appverid ms.collection description ms.date ms.custom ms.service appliesto
Custom reporting solutions with automated investigation and response
NOCSH
chrisda
chrisda
deniseb
ITPro
conceptual
medium
MET150
MOE150
m365-security
tier2
Learn how to integrate automated investigation and response with a custom or third-party reporting solution.
06/09/2023
air
defender-office-365
✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 2</a>
✅ <a href="https://learn.microsoft.com/defender-xdr/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>

Custom or third-party reporting solutions for Microsoft Defender for Office 365

[!INCLUDE MDO Trial banner]

With Microsoft Defender for Office 365, you get detailed information about automated investigations. However, some organizations also use a custom or third-party reporting solution. If your organization wants to integrate information about automated investigations with such a solution, you can use the Office 365 Management Activity API.

With Microsoft Defender for Office 365, you get detailed information about automated investigations. However, some organizations also use a custom or third-party reporting solution. If your organization wants to integrate information about automated investigations with such a solution, you can use the Office 365 Management Activity API.

Resource Description
Office 365 Management APIs overview The Office 365 Management Activity API provides information about various user, admin, system, and policy actions and events from Microsoft 365 and Microsoft Entra activity logs.
Get started with Office 365 Management APIs The Office 365 Management API uses Microsoft Entra ID to provide authentication services for your application to access Microsoft 365 data. Follow the steps in this article to set this up.
Office 365 Management Activity API reference You can use the Office 365 Management Activity API to retrieve information about user, admin, system, and policy actions and events from Microsoft 365 and Microsoft Entra activity logs. Read this article to learn more about how this works.
Office 365 Management Activity API schema Get an overview of the Common schema and the Defender for Office 365 and threat investigation and response schema to learn about specific kinds of data available through the Office 365 Management Activity API.

See also